CVE-2025-66483

Published: Apr 02, 2026 Last Modified: Apr 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,3

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: low

Integrity: low

Availability: low

Description

AI Translation Available

IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system.

613

Insufficient Session Expiration

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control

Potential Impacts:

Bypass Protection Mechanism

Applicable Platforms

Technologies: Web Based, Web Server

View CWE Details

https://www.ibm.com/support/pages/node/7267848

CVE-2025-66483

Description

Insufficient Session Expiration

Common Consequences

Applicable Platforms

Iscriviti alla newsletter